<?php
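// Teacher page: lists the students of the group stored in the session and,
// on POST, inserts one new mark per filled-in row and e-mails the student.
// Students get their own header instead; anyone else gets the no-access page.
//
// NOTE(review): this script uses the legacy ext/mysql API (mysql_*), which was
// removed in PHP 7. Values are escaped with mysql_real_escape_string() here;
// prepared statements via mysqli or PDO are the longer-term fix.
session_start();

// Role recorded at login; it may be missing when nobody is logged in.
$estado = isset($_SESSION['estado']) ? $_SESSION['estado'] : '';

// Strict comparison: with ==, a non-string session value such as int 0 would
// compare equal to "teacher_login" on PHP versions before 8.
if ($estado === "teacher_login") {
    include("header.php");

    // Row counter and per-row lookups. Initialised up front so the POST
    // handler below never reads undefined variables when no group is chosen.
    $i = 0;
    $Usernames = array();
    $Names = array();
    $Surnames = array();
    $Groups = array();
    $Emails = array();
    $dbc = false;

    if (!empty($_SESSION['group'])) {
        // Build the form and the table that lists the students of the group.
        // NOTE(review): the form carries no anti-CSRF token, so a request
        // forged from another site would be accepted while a teacher is
        // logged in. Add a per-session token and verify it on POST.
        echo "<br />";
        echo "<form action='' method='POST'>";
        echo "<table style='border-style:solid; text-align: center; border-width: thin; border-color:#910A2B; margin-left:20%;'>";
        echo "<tr><td><strong>Username</strong></td><td><strong>Name</strong></td><td><strong>First Surname</strong></td><td><strong>Group</strong></td><td><strong>New mark</strong></td><td><strong>Mark description</strong></td><td></td></tr>";

        // Provides $server, $username and $password for the connection.
        require('mysqlsettings.php');

        $dbc = @mysql_connect($server, $username, $password);
        if ($dbc) {
            mysql_set_charset('utf8', $dbc);
            mysql_select_db('my_marks', $dbc);

            // The group comes from the session but is still data: escape it
            // before it is placed inside the quoted SQL literal.
            $var = mysql_real_escape_string((string) $_SESSION['group'], $dbc);
            $query2 = "SELECT * FROM users WHERE users.Group ='$var'";

            if ($r2 = mysql_query($query2, $dbc)) {
                while ($row = mysql_fetch_array($r2)) {
                    // Keep the raw values for the INSERT and the e-mail below.
                    $Usernames[$i] = $row['Username'];
                    $Names[$i] = $row['Name'];
                    $Surnames[$i] = $row['First_Surname'];
                    $Groups[$i] = $row['Group'];
                    $Emails[$i] = $row['Email'];

                    // Database content is HTML-escaped before it is echoed so
                    // a stored value cannot inject markup or script.
                    $cellUser = htmlspecialchars($row['Username'], ENT_QUOTES, 'UTF-8');
                    $cellName = htmlspecialchars($row['Name'], ENT_QUOTES, 'UTF-8');
                    $cellSurname = htmlspecialchars($row['First_Surname'], ENT_QUOTES, 'UTF-8');
                    $cellGroup = htmlspecialchars($row['Group'], ENT_QUOTES, 'UTF-8');

                    echo "<tr><td name='Username$i'>{$cellUser}</td><td name='Name$i'>{$cellName}</td><td name='Surname$i'>{$cellSurname}</td><td name='Group$i'>{$cellGroup}</td><td><input id='textbox$i'  name='textbox$i' type='textbox' /></td><td><input  name='textbox2$i' type='textbox' style='width:250px;'/></td><td><div style='text-align:center;'><img src='' id='ok$i' alt='' /></div></td></tr>";
                    $i++;
                }
            }
        } else {
            // Details go to the server log only; the page shows a generic row.
            error_log('Marks page: could not connect to MySQL: ' . mysql_error());
            echo "<tr><td colspan='7' style='color: red;'>Could not connect to the database.</td></tr>";
        }

        echo "</table> <br/>";
        echo "<a href='ChooseGroup.php'>Return to Choose Group</a><br /><br />";
        echo "<input type='submit' value='Send marks' style='height:30px; width:130px;'/>";
        echo "</form><br /><br />";
    } else {
        // No group was selected beforehand.
        echo "<p style='color: red;'>Please, choose a group before continuing.</p>";
        echo "<br /><a href='ChooseGroup.php'>Return to Choose Group</a><br /><br />";
    }

    // Runs after the submit button is pressed. The connection opened above is
    // reused; without a connection there are no rows to process ($i is 0).
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && $dbc) {
        for ($cont = 0; $cont < $i; $cont++) {
            // Only accept plain string fields; an array-valued field is
            // treated as blank instead of reaching strip_tags()/trim().
            $rawGrade = (isset($_POST["textbox$cont"]) && is_string($_POST["textbox$cont"]))
                ? trim(strip_tags($_POST["textbox$cont"]))
                : '';
            $rawDescription = (isset($_POST["textbox2$cont"]) && is_string($_POST["textbox2$cont"]))
                ? trim(strip_tags($_POST["textbox2$cont"]))
                : '';

            // Compare against '' rather than using empty(): empty("0") is
            // true, which made a mark of 0 impossible to submit.
            if ($rawGrade !== '') {
                // The mark must be numeric and between 0 and 10.
                if (is_numeric($rawGrade) && $rawGrade >= 0 && $rawGrade <= 10) {
                    $grade = mysql_real_escape_string($rawGrade, $dbc);
                    $description = mysql_real_escape_string($rawDescription, $dbc);
                    // The username was read from the database, but it is still
                    // escaped before being put back into a statement.
                    $userName = mysql_real_escape_string($Usernames[$cont], $dbc);
                    $fecha = date('d/m/y');

                    // $grade passed is_numeric() above, so it is interpolated
                    // unquoted as in the original statement.
                    $sql = "insert into Marks (ID,Date,Description,Grade,UserName) values(NULL,'$fecha','$description',$grade,'$userName');";

                    if (mysql_query($sql, $dbc)) {
                        // Success: show the green tick on this row.
                        echo "<script type='text/javascript'>
                        document.getElementById('ok$cont').src = 'V.png';
                            </script>
                        ";

                        // The e-mail uses the unescaped text; the SQL-escaped
                        // copies would show stray backslashes to the student.
                        $msg = "A new mark have been registered into your My_Marks. The new mark is: $rawGrade ($rawDescription).";

                        // Send only to a well-formed address, so a stored
                        // value containing line breaks cannot add mail headers.
                        if (filter_var($Emails[$cont], FILTER_VALIDATE_EMAIL)) {
                            mail($Emails[$cont], 'New mark in your My_Marks account', $msg);
                        }
                    } else {
                        // Do not echo the SQL text or the driver error to the
                        // browser; record them in the server log instead.
                        error_log('Marks page: insert failed: ' . mysql_error($dbc));
                        print '<p style="color: red;">Could not save the mark. Please try again later.</p>';
                    }
                } else {
                    // Not numeric or outside 0..10: red cross plus a message.
                    echo "<script type='text/javascript'>
                    document.getElementById('ok$cont').src = 'X.png';
                    </script>";
                    echo "<p><b>No mark inserted. Seems that the introduced mark is not a number or its bigger than 10.</b></p>";
                }
            } else {
                // Blank mark field: show the red cross for this row.
                echo "<script type='text/javascript'>
                document.getElementById('ok$cont').src = 'X.png';
                </script>";
            }
        }
    }
} else if ($estado === "student_login") {
    // Students are not allowed to use this page; show their header only.
    include("headerstudent.php");
} else {
    // No valid session: access is refused.
    include("noacces.php");
}

include("footer.php");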
?>